ByteOS Network

Tomdever

Source -

CNA

BOS Name -

N/A

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

4Vulnerabilities found

CVE-2026-42682

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-9.1||CRITICAL

EPSS-0.05% / 16.42%

7 Day CHG+0.01%

Published-01 Jun, 2026 | 14:47

Updated-01 Jun, 2026 | 16:41

WordPress wpForo Forum plugin <= 3.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tomdever wpForo Forum allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects wpForo Forum: from n/a through 3.0.6.

Vendor-Tomdever

Product-wpForo Forum

CWE ID-CWE-862

Missing Authorization

CVE-2025-66070

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.5||HIGH

EPSS-0.04% / 13.53%

7 Day CHG~0.00%

Published-18 Dec, 2025 | 07:22

Updated-28 Apr, 2026 | 16:14

WordPress wpForo Forum plugin <= 2.4.10 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum: from n/a through <= 2.4.10.

Vendor-Tomdever

Product-wpForo Forum

CWE ID-CWE-862

Missing Authorization

CVE-2025-58597

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-4.3||MEDIUM

EPSS-0.07% / 22.01%

7 Day CHG~0.00%

Published-03 Sep, 2025 | 14:36

Updated-12 May, 2026 | 00:39

WordPress wpForo Forum Plugin <= 2.4.6 - Insecure Direct Object References (IDOR) Vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Tomdever wpForo Forum wpforo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpForo Forum: from n/a through <= 2.4.6.

Vendor-Tomdever

Product-wpForo Forum

CWE ID-CWE-639

Authorization Bypass Through User-Controlled Key

CVE-2025-31420

Assigner-Patchstack

View Details

Assigner-Patchstack

CVSS Score-7.6||HIGH

EPSS-0.22% / 44.98%

7 Day CHG~0.00%

Published-04 Apr, 2025 | 13:00

Updated-29 Apr, 2026 | 10:16

WordPress wpForo Forum plugin <= 2.4.2 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum wpforo allows Privilege Escalation.This issue affects wpForo Forum: from n/a through <= 2.4.2.

Vendor-Tomdever

Product-wpForo Forum

CWE ID-CWE-266

Incorrect Privilege Assignment